When comparing npm + Browserify vs Duo, the Slant community recommends npm + Browserify for most people. In the question“What are the best open source front-end package managers?” npm + Browserify is ranked 1st while Duo is ranked 6th. The most important reason people chose npm + Browserify is:
If you're using node.js as your backend, you gain a lot of flexibility by using the same package manager for the frontend and backend, making it much easier to share code without adding one more tool to an already large toolbase.
Ranked in these QuestionsQuestion Ranking
Pros
Pro Best way to share code with the backend
If you're using node.js as your backend, you gain a lot of flexibility by using the same package manager for the frontend and backend, making it much easier to share code without adding one more tool to an already large toolbase.
Pro Huge active ecosystem
Npm gains a lot from its large community, and the activity from node.js gives npm the largest set of active repositories. Since so many people already use npm, chances are the library you need has already been added to npm, and many new authors are writing their libraries with npm in mind.
Pro Client side shims provided by Browserify
Browserify provides client side versions of non I/O related built in npm modules. This allows you to use the path manipulation, crypto, and zip libraries on the client side.
Pro Support multiple bundles
Browserify allows splitting up bundles among multiple pages to get the benefit of caching for shared, infrequently-changing modules, while still being able to use require().
Pro All modules must implement CommonJS modules which leads to cleaner dependency management
Because all npm modules need to follow the CommonJS format, it's much easier to set up dependencies through the require function.
Pro Easy to create bundles
Because of the nature of Browserify, it's easy to require
different dependencies and concatenate them into one minified file.
This helps with performance and load times, especially for mobile devices.
Pro Can also flatten the dependency tree with dedupe
npm dedupe lets you flatten the dependency tree.
Npm has a very handy dedupe tool. What this tool does is that it checks the dependency tree to find modules that depend on third dependencies. If a suitable version for all modules exists, it keeps that version and deletes any other versions that are not needed.
For example, in this dependency graph:
a
+-- b <-- depends on c@1.0.x
| -- c@1.0.3
-- d <-- depends on c@~1.0.9
-- c@1.0.10
dedupe will transform it to:
a
+-- b
+-- d
-- c@1.0.10
What it did was to make sure that both b
and d
got their dependency met by a single c
module. It then deleted all the unneeded versions of the c
module.
Pro Browserify shim allows you to use non Common JS formatted packages
Browserify shim is a transformation extension for Browserify that lets you load in libraries that do not follow the Common JS structure (using an exports module). This allows you to explicitly define what globally defined variables should be exposed by a require
statement so you can control how you load in these poorly formatted libraries safely without polluting the global scope.
Because the Common JS style loads in required libraries within a closure, any variables defined in a library will not pollute the global scope. Browserify shim lets you define which variables defined within that closure to map to the exports
variable that Common JS expects in a safe and explicit way through declarations in your project's package.json
file.
Pro Can include HTML, CSS and images as well
Packages hosted with NPM do not include just JavaScript. Other assets, like static ones (HTML, CSS and images) are included.
Pro Handles the entire build and packaging process for you
Because Duo allows you to require dependencies directly in your html, css, and javascript, you don't need to manage annoying build processes. Duo automatically supports preprocessed languages like Coffeescript and Sass, and automatically bundles them into a single file, making it an easy-to-use, all-in-one tool. All you have to do is run duo in > out
and you're done!
Pro Allows you to directly require dependencies from Javascript, HTML, and CSS
With Duo you don't need to manage a separate dependency file, you just require projects from your files where you need them. It works with all front-end languages, giving you powerful inline Javascript, HTML, CSS, and even JSON management in a way that no other package manager supports.
Pro Require directly from github
Duo allows you to use require
to import packages directly from github using the username/package_name@version
syntax. The version is optional, in case you want to test out a new package quickly.
Pro Built on top of Component
Duo can be seen as an easier to use, more feature complete wrapper around component.
Pro Supports both Bower and Component packages
Duo is primarily designed to support Component packages, but Bower package support is available with npm support planned, so you can use Duo with libraries as well as components.
Cons
Con Familiarity with Node is required
Browserify's documentation assumes that you have some familiarity with Node before starting to work with it. Some methods are not explained very thoroughly and others are assumed to be already known by the developer.
For example, Node's module.exports
is not explained, it's just mentioned that browserify modules can be exported using it. Which is fine, but for a developer not used with Node, or a front-end engineer that has never used Node it can be confusing.
Con Does not guarantee reproducible builds
Con Needs to create a bundle in every change
That makes debugging more difficult and requires extra time to create the bundle again for every change.
Con Post-install scripts
Packages shouldn't need post-installing. They should be an enclosed unit. This is another potential attack vector.
Con Potentially hijacked and malicious packages
Con Harder to manage versions between files
Because versions and dependencies can be specified inline, it might be harder to update your packages when you want to upgrade. (However, it is possible to specify dependencies in a JSON file.)
Con Cannot extract modules from a bundle and put into another one
As for common modules shared by multiple pages, duo.js cannot extract and put them into another bundle which is loaded commonly. On the other hand, modules modified rarely should put into another bundle so they can be still cached when other modules change.